On 10/14/2015 05:41 AM, Lukasz Pawelczyk wrote:
> Add a new LSM hook called before inode's setxattr. It is required for
> LSM to be able to reliably replace the xattr's value to be set to
> filesystem in __vfs_setxattr_noperm(). Useful for mapped values, like in
> the upcoming Smack namespace
Any process is able to send netlink messages with invalid types.
Make the warning rate-limited to prevent too much log spam.
The warning is supposed to help to find misbehaving programs, so
print the triggering command name and pid.
Signed-off-by: Vladis Dronov
---
On Tue, Nov 03, 2015 at 03:42:17PM -0800, Andy Lutomirski wrote:
> Reviewed-by: Kees Cook
> Signed-off-by: Andy Lutomirski
Looks good, thanks.
Acked-by: Serge Hallyn
> ---
>
> Changes from v2: Add a note about arg3 == 0 in
On 03/11/2015 21:11, Parav Pandit wrote:
> So it looks like below,
> #cat rdma.resources.verbs.list
> Output:
> mlx4_0 uctx ah pd cq mr mw srq qp flow
> mlx4_1 uctx ah pd cq mr mw srq qp flow rss_wq
What happens if you set a limit of rss_wq to mlx4_0 in this example?
Would it fail? I think it
Any process is able to send netlink messages with invalid types.
Make the warning rate-limited to prevent too much log spam.
The warning is supposed to hel
Reported-by: Florian Weimer
Signed-off-by: Vladis Dronov
---
security/selinux/hooks.c | 7 +++